Compliance

We help organisations navigate complicated data protection law and policy, especially in the health and social care sectors, where it is recognised that there is particularly complexity. Our projects routinely include:

Engaging with the Independent Group Advising on the Release of Data (IGARD), formerly Data Access Advisory Group (DAAG) to access data held by NHS Digital (formerly Health and Social Care Information Centre).

Completing Section 251 applications (NHS Act 2006) for research and non-research applications for the Health Research Authority (HRA) hosted Confidentiality Advisory Group (CAG).

Governance, policy, protocol and procedure to satisfy the Care Quality Commission (CQC) and National Institute for Health and Care Excellence (NICE) standards where these relate to recording and processing personal data.

As well as externally imposed regulatory regimes, we work with clients to develop internal integrated governance approaches that maintain efficient and effective management control of information risk.

Our hands-on and practical approach includes:

Audit of the requisite regime to provide management assurance of compliance

We are increasingly shifting our focus to preparedness and compliance with the Data Protection Act 2018, incorporating the General Data Protection Regulation (GDPR). We have mapped this to IGT to enable organisations that must complete IGT to meet contractual obligations, but have limited resources, to must meet both DPA 2018/GDPR and IGT requirements once.

Kaleidoscope Consultants
Kaleidoscope are subject matter experts who develop advice and guidance for public and private sector organisations on the lawful use of Personal Confidential Data.